S3 CORS policy requires '"AllowedOrigins": ["*"]', which contradicts our security policy

We are encountering a blocking issue concerning S3. According to the documentation, the CORS policy requires '"AllowedOrigins": ["*"]', which contradicts our security policy. We need to specify a specific URL to grant Retool access, similar to what is mentioned in the documentation for '"PUT", "POST", "DELETE"'.

Hi @Dirshant_Kumar ,

I think that you'll either need to selfhost Retool then or use a proxy you can control.

1 Like

Hey @Dirshant_Kumar!

You should be able to specify all the allowed HTTP methods together with the more restrictive AllowedOrigins, i.e.:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "GET",
            "PUT",
            "POST",
            "DELETE"
        ],
        "AllowedOrigins": [
            "https://*.retool.com" or "https://[your subdomain].retool.com"
        ]
    }
]

Let me know if that works for you.

1 Like
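To make the difference between the two configurations concrete, here is an added example (not code from the thread or from Retool) that evaluates an S3 CORS rule set the way a browser preflight would be judged and flags wildcard origins. It assumes the documented S3 matching behaviour: an AllowedOrigins entry is compared against the request's Origin header, may contain at most one `*`, and `*` on its own matches every origin. The rule sets and the `https://*.retool.com` pattern are constructed for the demonstration.

```python
import json

# Constructed rule sets: the permissive one the question quotes and the
# restricted one suggested in the answer above (the pattern is a placeholder).
WILDCARD_RULES = [{
    "AllowedHeaders": ["*"],
    "AllowedMethods": ["GET", "PUT", "POST", "DELETE"],
    "AllowedOrigins": ["*"],
}]
RESTRICTED_RULES = [{
    "AllowedHeaders": ["*"],
    "AllowedMethods": ["GET", "PUT", "POST", "DELETE"],
    "AllowedOrigins": ["https://*.retool.com"],
}]


def origin_matches(pattern: str, origin: str) -> bool:
    """Match an Origin header value against one AllowedOrigins entry.

    S3 allows a single '*' per entry; it matches any run of characters, so
    'https://*.retool.com' accepts 'https://acme.retool.com' but rejects
    'https://retool.com.attacker.example' (the suffix must be at the end).
    """
    if pattern == "*":
        return True
    if pattern.count("*") > 1:
        raise ValueError(f"at most one '*' is allowed in an AllowedOrigins entry: {pattern!r}")
    if "*" not in pattern:
        return pattern == origin
    prefix, suffix = pattern.split("*")
    return (
        len(origin) >= len(prefix) + len(suffix)
        and origin.startswith(prefix)
        and origin.endswith(suffix)
    )


def load_rules(text: str) -> list:
    """Parse a CORS rule set from JSON and validate every origin pattern up front."""
    rules = json.loads(text)
    for rule in rules:
        for pattern in rule.get("AllowedOrigins", []):
            origin_matches(pattern, "")  # raises on a malformed pattern
    return rules


def matching_rule(rules: list, origin: str, method: str):
    """Return the first rule that permits this origin/method pair, or None."""
    for rule in rules:
        if method not in rule.get("AllowedMethods", []):
            continue
        if any(origin_matches(p, origin) for p in rule.get("AllowedOrigins", [])):
            return rule
    return None


def audit_cors(rules: list) -> list:
    """Report rules that let a page on any web origin call the bucket from a browser."""
    findings = []
    for i, rule in enumerate(rules):
        if "*" in rule.get("AllowedOrigins", []):
            methods = ", ".join(rule.get("AllowedMethods", []))
            findings.append(
                f"rule {i}: AllowedOrigins '*' permits browser requests "
                f"({methods}) from every origin; restrict it to the app's origin"
            )
    return findings


if __name__ == "__main__":
    for name, rules in (("wildcard", WILDCARD_RULES), ("restricted", RESTRICTED_RULES)):
        for origin in ("https://acme.retool.com", "https://evil.example"):
            allowed = matching_rule(rules, origin, "PUT") is not None
            print(f"{name:10} PUT from {origin:28} -> {'allowed' if allowed else 'blocked'}")
        for finding in audit_cors(rules):
            print(f"{name:10} {finding}")
```

Run it against the exported bucket configuration (`aws s3api get-bucket-cors` output is the same JSON shape under `CORSRules`) to confirm that the app's own origin is the only one a `PUT` is accepted from.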

Hi @joeBumbaca -
I'm facing a similar issue. I tried to upload a file to S3, but it's throwing an error saying "error uploading file". I've used the CORS configuration as you specified, and the IAM policy is like:

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Action": [
				"s3:GetObject*"
			],
			"Resource": [
				"arn:aws:s3:::bucket_name",
				"arn:aws:s3:::bucket_name/*"
			],
			"Effect": "Allow"
		},
		{
			"Action": [
				"s3:PutObject*"
			],
			"Resource": [
				"arn:aws:s3:::bucket_name",
				"arn:aws:s3:::bucket_name/*"
			],
			"Effect": "Allow"
		},
		{
			"Action": [
				"s3:DeleteObject*"
			],
			"Resource": [
				"arn:aws:s3:::bucket_name",
				"arn:aws:s3:::bucket_name/*"
			],
			"Effect": "Allow"
		},
		{
			"Action": [
				"s3:List*"
			],
			"Resource": [
				"arn:aws:s3:::bucket_name",
				"arn:aws:s3:::bucket_name/*"
			],
			"Effect": "Allow"
		}
	]
}

But still it's not working. Can you help me?
Thanks!!
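As an added example (not from the thread or from Retool), the following script does two checks a practitioner would run on a policy like the one posted above before looking elsewhere for an upload failure: it parses the document and reports the position of any JSON syntax error, and it expands wildcard actions such as `s3:PutObject*` so the statement's real scope is visible. The policy text is constructed here to mirror the post, including a doubled comma; the action list is a constructed subset of real S3 action names, not the full catalogue.

```python
import json
from fnmatch import fnmatchcase

# Constructed subset of real S3 IAM action names; enough to show what a
# wildcard such as "s3:PutObject*" expands to. The real list is far longer.
KNOWN_S3_ACTIONS = {
    "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectTagging", "s3:GetObjectVersion",
    "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectTagging",
    "s3:DeleteObject", "s3:DeleteObjectVersion",
    "s3:ListBucket", "s3:ListBucketVersions", "s3:ListAllMyBuckets",
}

# Constructed policy text in the shape of the posted one, with a stray ",,"
# so the parse step demonstrates the error such a typo produces.
BROKEN_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [
    {"Action": ["s3:GetObject*"],    "Resource": ["arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*"], "Effect": "Allow"},
    {"Action": ["s3:PutObject*"],    "Resource": ["arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*"], "Effect": "Allow"},
    {"Action": ["s3:DeleteObject*"], "Resource": ["arn:aws:s3:::bucket_name",, "arn:aws:s3:::bucket_name/*"], "Effect": "Allow"},
    {"Action": ["s3:List*"],         "Resource": ["arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*"], "Effect": "Allow"}
  ]
}"""
FIXED_POLICY = BROKEN_POLICY.replace(",,", ",")

OBJECT_ACTION_PREFIXES = ("s3:getobject", "s3:putobject", "s3:deleteobject")


def parse_policy(text: str):
    """Return (policy, None) on success or (None, message) with the error position."""
    try:
        return json.loads(text), None
    except json.JSONDecodeError as exc:
        return None, f"line {exc.lineno} column {exc.colno}: {exc.msg}"


def expand_action(pattern: str, known=KNOWN_S3_ACTIONS) -> set:
    """IAM action names match case-insensitively and '*' matches any characters."""
    return {a for a in known if fnmatchcase(a.lower(), pattern.lower())}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def lint_policy(policy: dict) -> list:
    """Return findings about wildcard scope and object-level resources per statement."""
    findings = []
    for i, st in enumerate(policy["Statement"]):
        actions = _as_list(st["Action"])
        resources = _as_list(st["Resource"])
        for act in actions:
            if "*" in act:
                extra = sorted(expand_action(act) - {act.rstrip("*")})
                findings.append(
                    f"statement {i}: {act} also grants {', '.join(extra)}"
                    if extra else f"statement {i}: {act} matches no known action"
                )
            # Object actions are evaluated against object ARNs, so a statement
            # with only the bucket ARN (no "/*") will not permit the upload.
            if act.lower().startswith(OBJECT_ACTION_PREFIXES) and not any(
                r.endswith("/*") for r in resources
            ):
                findings.append(f"statement {i}: {act} has no object-level resource ending in '/*'")
    return findings


if __name__ == "__main__":
    policy, err = parse_policy(BROKEN_POLICY)
    print("broken policy:", err)
    policy, err = parse_policy(FIXED_POLICY)
    for finding in lint_policy(policy):
        print("fixed policy:", finding)
```

The second check is the one that matters for least privilege: the post's `s3:PutObject*` is broader than `s3:PutObject`, since the wildcard also covers actions such as `s3:PutObjectAcl`; listing the exact actions the upload path needs is the tighter policy.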